CVSS: 7.5EPSS: 0%CPEs: 55EXPL: 0CVE-2020-1650 – Junos OS: MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC
https://notcve.org/view.php?id=CVE-2020-1650
17 Jul 2020 — On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a prolonged Denial of Service. This issue affects MX Series devices using MS-PIC, MS-MIC or MS-MPC service cards with any service configured. This issue affects Juniper Networks Junos OS on MX Series: 17.2R2-S7; 17.3R3-S4, 17.3R3-S5; 17... • https://kb.juniper.net/JSA11037 •
CVSS: 7.5EPSS: 0%CPEs: 133EXPL: 0CVE-2020-1649 – Junos OS: MX Series: PFE crash on MPC7/8/9 upon receipt of small fragments requiring reassembly
https://notcve.org/view.php?id=CVE-2020-1649
17 Jul 2020 — When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of small fragments requiring reassembly, generating the following error messages: [LOG: Err] MQSS(2): WO: Packet Error - Error Packets 1, Connection 29 [LOG: Err] eachip_hmcif_rx_intr_handler(7259): EA[2:0]: HMCIF Rx: Injected checksum error detected on WO r... • https://kb.juniper.net/JSA11036 •
CVSS: 9.8EPSS: 1%CPEs: 65EXPL: 0CVE-2020-1647 – Junos OS: SRX Series: Double free vulnerability can lead to DoS or remote code execution due to the processing of a specific HTTP message when ICAP redirect service is enabled
https://notcve.org/view.php?id=CVE-2020-1647
17 Jul 2020 — On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message may result in an extended Denial of Service (DoS). The offending HTTP message that causes this issue may originate both from the HTTP server or the client. This issue affects Juniper Networks Junos OS on SRX Seri... • https://kb.juniper.net/JSA11034 • CWE-415: Double Free •
CVSS: 8.3EPSS: 0%CPEs: 59EXPL: 0CVE-2020-1645 – Junos OS: MX Series: Services card might restart when DNS filtering is enabled
https://notcve.org/view.php?id=CVE-2020-1645
17 Jul 2020 — When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holing) will be bypassed until the Services PIC completes its boot process. If the issue oc... • https://kb.juniper.net/JSA11028 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 127EXPL: 0CVE-2020-1644 – Junos OS and Junos OS Evolved: RPD crash due to specific BGP UPDATE packets
https://notcve.org/view.php?id=CVE-2020-1644
17 Jul 2020 — On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. This issue affects both IBGP and EBGP multihop deployment in IPv4 or IPv6 network. This issue affects: Juniper Networks Junos OS: 17.2X75 versions prior to 17.2X75-D105.19; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S10, 17.4R3-S2; 18.1 versions p... • https://kb.juniper.net/JSA11032 • CWE-20: Improper Input Validation CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 250EXPL: 0CVE-2020-1643 – Junos OS: EX Series: RPD crash when executing specific "show ospf interface" commands from the CLI with OSPF authentication configured
https://notcve.org/view.php?id=CVE-2020-1643
17 Jul 2020 — Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS). By continuously executing the same CLI commands, a local attacker can repeatedly crash the RPD process causing a sustained Denial of Service. Note: Only systems utilizing ARM processors, found on the EX2300 and EX3400, ... • https://kb.juniper.net/JSA11030 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 278EXPL: 0CVE-2020-1641 – Junos OS: A race condition on receipt of crafted LLDP packets leads to a memory leak and an LLDP crash.
https://notcve.org/view.php?id=CVE-2020-1641
17 Jul 2020 — A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker to cause LLDP to crash leading to a Denial of Service (DoS). This issue occurs when crafted LLDP packets are received by the device from an adjacent device. Multiple LACP flaps will occur after LLDP crashes. An indicator of compromise is to evaluate log file details for lldp with RLIMIT. Intervention should occur before 85% threshold of used KB versus maximum available KB memory is reached. show log messages |... • https://kb.juniper.net/JSA11027 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 49EXPL: 0CVE-2020-1640 – Junos OS: Receipt of certain genuine BGP packets from any BGP Speaker causes RPD to crash.
https://notcve.org/view.php?id=CVE-2020-1640
17 Jul 2020 — An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a Denial of Service (DoS) condition. This framework requires these packets to be passed. By continuously sending any of these types of formatted genuine packets, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. Authentication to the BGP peer is not required. This issue can b... • https://kb.juniper.net/JSA11024 • CWE-20: Improper Input Validation CWE-1173: Improper Use of Validation Framework •
CVSS: 9.8EPSS: 0%CPEs: 277EXPL: 0CVE-2020-1631 – Juniper Junos OS Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2020-1631
04 May 2020 — A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. Using this vulnerability, an attacker may be able to inject commands into the httpd.log, read files with 'world' readable permission file or obtain J-Web session tokens. In the case of command injection, as the HTTP service runs as u... • https://kb.juniper.net/JSA11021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-73: External Control of File Name or Path •
CVSS: 8.6EPSS: 0%CPEs: 121EXPL: 0CVE-2020-1632 – Junos OS and Junos OS Evolved: Invalid BGP UPDATE sent to peer device may cause BGP session to terminate.
https://notcve.org/view.php?id=CVE-2020-1632
15 Apr 2020 — In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of Service (DoS) condition. For example, Router A sends a specific BGP UPDATE to Router B, causing Router B to send an invalid BGP UPDATE message to Router C, resulting in termination of the BGP session between Router B and Router C. Thi... • https://kb.juniper.net/JSA11013 • CWE-755: Improper Handling of Exceptional Conditions •